Is there a way to grab logs from Checkpoint FW-1 without using OPSEC? Any suggestions will be appreciated ;).
Hi, I'm using 'fw log -l -n -p' to export the logs to a file. You'll need to setup a sourcetype as per http://answers.splunk.com/questions/11592/parsing-checkpoint-firewall-log-dates to splunk understands the timestamp.
Take a look at 'fw log -h' for other options such as tailing the log which might be usable in a scripted input.